Advanced Network Security

• Lecture# 4-1

• By:
• Syed Irfan Ullah
• Abasyn University Peshawar
 Hash algorithm
• A hash function (or hash algorithm) is a
reproducible method of turning data
(usually a message or a file) into a number
suitable to be handled by a computer. These
functions provide a way of creating a small
digital "fingerprint" from any kind of data.
The function chops and mixes (i.e.,
substitutes or transposes) the data to create
the fingerprint, often called a hash value.
 Cont’d
• The hash value is commonly represented in
hexadecimal notation. A good hash function
is one that yields few hash collisions in
expected input domains. In hash tables and
data processing, collisions inhibit the
distinguishing of data, making records more
costly to find.
 Cont’d
• In cryptography, a cryptographic hash function
is a hash function with certain additional security
properties to make it suitable for use as a primitive
in various information security applications, such
as authentication and message integrity. A hash
function takes a long string (or 'message') of any
length as input and produces a fixed length string
as output, sometimes termed a message digest or
a digital fingerprint.
 Cont’d
• In various standards and applications, the
two most-commonly used hash functions
are MD5 and SHA-1.
• In 2005, security flaws were identified in
both algorithms
Cont’d
 Ciphering Mechanisms
• Stream cipher
• Block cipher
 Stream cipher
• In cryptography, a stream cipher is a
symmetric cipher in which the plaintext digits are
encrypted one at a time, and in which the
transformation of successive digits varies during the
encryption.

• An alternative name is a state cipher, as the encryption

of each digit is dependent on the current state. In
practice, the digits are typically single bits or bytes.
 Types of stream cipher
• Synchronous stream ciphers
• Self-synchronizing stream ciphers
• Linear feedback shift register-based stream
ciphers
• Non-linear combining functions
• Clock-controlled generators
• Filter generator
 Security
• To be secure, the period of the keystream, that is, the number
of digits output before the stream repeats itself, needs to be
sufficiently large. If the sequence repeats, then the
overlapping ciphertexts can be aligned against each other "in
depth", and there are techniques which could allow the
plaintext to be extracted

• However, for most choices of this parameter, the resulting

stream had a period of only 232 — for many applications, this
period is far too low. For example, if encryption is being
performed at a rate of 1 megabyte per second, a stream of
period 232 will repeat after around 8.5 minutes.
 Usage
• Stream ciphers are often used in applications where plaintext
comes in quantities of unknowable length—for example, a secure
wireless connection
• Another advantage of stream ciphers in military cryptography is
that the cipher stream can be generated in a separate box that is
subject to strict security measures and fed to other devices, e.g. a
radio set, which will perform the xor operation as part of their
function. The latter device can then be designed and used in less
stringent environments.

• RC4 is the most widely used stream cipher in software; others

include: A5/1, A5/2, Chameleon, FISH, Helix, ISAAC, MUGI,
Panama, Phelix, Pike, SEAL, SOBER, SOBER-128 and WAKE.
Comparison ….?
• http://en.wikipedia.org/wiki/Stream_cipher
 Block cipher
• In cryptography, a block cipher is a symmetric key cipher
which operates on fixed-length groups of bits, termed blocks,
with an unvarying transformation. When encrypting, a block
cipher might take a (for example) 128-bit block of plaintext
as input, and output a corresponding 128-bit block of
ciphertext.

• The exact transformation is controlled using a second input

— the secret key. Decryption is similar: the decryption
algorithm takes, in this example, a 128-bit block of
ciphertext together with the secret key, and yields the
original 128-bit block of plaintext.
 Cont’d
• An early and highly influential block cipher
design was the Data Encryption Standard
(DES), developed at IBM and published as a
standard in 1977.

• A successor to DES, the

Advanced Encryption Standard (AES), was
adopted in
 Examples
• Algorithms: 3-Way | AES | Akelarre | Anubis | ARIA | BaseKing |
Blowfish | C2 | Camellia | CAST-128 | CAST-256 | CIKS-1 |
CIPHERUNICORN-A | CIPHERUNICORN-E | CMEA | Cobra |
COCONUT98 | Crab | CS-Cipher | DEAL | DES | DES-X | DFC | E2 |
FEAL | FROG | G-DES | GOST | Grand Cru | Hasty Pudding Cipher |
Hierocrypt | ICE | IDEA | IDEA NXT | Iraqi | Intel Cascade Cipher |
KASUMI | KHAZAD | Khufu and Khafre | KN-Cipher | Libelle |
LOKI89/91 | LOKI97 | Lucifer | M6 | MacGuffin | Madryga |
MAGENTA | MARS | Mercy | MESH | MISTY1 | MMB | MULTI2 |
NewDES | NOEKEON | NUSH | Q | RC2 | RC5 | RC6 | REDOC |
Red Pike | S-1 | SAFER | SC2000 | SEED | Serpent | SHACAL |
SHARK | Skipjack | SMS4 | Square | TEA | Triple DES | Twofish |
UES | Xenon | xmx | XTEA | Zodiac

• http://en.wikipedia.org/wiki/Block_cipher
 Chap. 7

Confidentiality Using Symmetric

Encryption
 Confidentiality Using Symmetric
Encryption

• Where should cryptographic functionality be located?

• How can we make communications confidential?
• How do we distribute keys?
• What is the role of random numbers?
 Placement of Encryption Function

• Networks are vulnerable

to active and passive
attacks
– Many potential locations
for confidentiality attacks
• By network tapping or other
means
• Passive inductive attacks on
electrical signaling
• Phone and wiring closets may
be accessible to outsiders
• Satellite links are easy to
monitor
• Etc.
Points of Vulnerability
LAN

Points of Vulnerability
 Link vs. End-to-End Encryption
• The most powerful and most
common approach to securing
the points of vulnerability is
encryption
• If encryption is to be used to
counter these attacks, need to
decide what to encrypt and
where the encryption should be
located
• Two fundamental alternatives:
– Link encryption
– End-to-end encryption
 Link vs. End-to-End Encryption
• Link encryption
– Encryption occurs independently on every link
– Must decrypt traffic between links in order to route the frames
– Requires many devices, but paired keys
• End-to-end encryption
– Encryption occurs between original source and final destination
– Needs devices at each end with shared keys
– Must leave headers in clear so that network correctly routes information
– Contents are protected, but traffic pattern flows are not
• Ideally want both at once
– End-to-end protects data contents over entire path and provides
authentication
– Link protects traffic flows from monitoring
 Location of Encryption Device
• Link encryption:
– A lot of encryption devices
– High level of security
– Decrypt each packet at every switch
• End-to-end encryption
– The source encrypt and the receiver decrypts
– Payload encrypted
– Header in the clear
• High Security: Both link and end-to-end encryption
are needed (see Figure 2.9)
Link vs. End-to-End Encryption
Logical Placement of E2E Encryption Function
• Link encryption occurs at either the physical or link layers
• For end-to-end encryption, several choices are possible
• At the lowest practical layer, the encryption function could be
performed at network layer
• All the user processes and applications within each end system
would employ the same encryption scheme with the same key
• With this arrangement, front-end processor may be used to off-
load the encryption function
Logical Placement of E2E Encryption Function

• X.25 or TCP provide end-to-end security for traffic

within a fully integrated internetwork. However, such a
scheme cannot deliver the necessary service for
traffic that crosses internetwork boundaries, such as
E-Mail, EDI, and file transfer
• In this case, the only place to achieve end-to-end
encryption is at the application layer
• A drawback of application-layer encryption is that the
number of entities to consider increases dramatically
• Many more secret keys need to be generated and
distributed
Logical Placement of E2E Encryption Function
 OSI end Mail gateway TCP IP end
system system
Email Email Email Email
presentation presentation

session session TCP TCP

transport Transport

Network Network IP IP
Data link Data link Data link Data link

physical physical physical

Physical

Inter network Inter network

Logical Placement of E2E Encryption Function
(a) Application-level encryption

DataData
Link.H Net-H IP-H TCP.H Link- T

On links and at ISs and Gateways

(b) IP-Level Encryption

Link.H Net-H IP-H DataData Link- T

TCP-H Data

On links and at ISs

Link.H Net-H IP-H TCP.H Data Link- T

In Gateways
 Traffic Confidentiality
• Security from traffic analysis attack
– Knowledge about the number and length of messages
between nodes may enable an opponent to determine who is
talking to whom

• Types of information derivable from traffic analysis

– Identities of communicating partners
– Frequency of communication
– Message patterns, e.g., length, quantity, (encrypted) content
– Correlation between messages and real world events

• Can (sometimes) be defeated through traffic padding

 Countermeasure to Traffic Analysis
• Link encryption approach
– Link encryption hides address info., but leaves the amount of traffic
– Traffic padding is very effective
• End-to-End encryption approach
– Leaves addresses in the clear
– Measures available to the defender are more limited
• Pad out data units to a uniform length at either the transport or application level
• Null message can be inserted randomly into the stream
 Covert Channel
• Essentially, the dual of traffic analysis
• A means of communication in a fashion
unintended by the designers of the
communication facility
• Usually intended to violate or defeat a security
policy
• Examples
– Message length
– Message content
– Message presence
 Securing a Network

• Location for Confidentiality Attacks

• Location of Encryption Devices
• Key Distribution
 Class Activity: A (Time: 6:15 PM)
• Given:
• P= “Write some text in notepad……!”
• Seek some encryption algorithms on Internet
and choose a specific algorithm preferably non
classical algorithms
• Given an encryption key and encrypt that text
• Send it to some of your friend through email
and let him decrypt using the same key
 Activity-1
Research Topic
Max Time: 15 Min

• Various techniques are used to Secure a

Communication Link, reference to that
describe any one method

• Note: Your discussion must be supported by IEEE, or Impact

Factor based research Paper

• Next Class Attendance will be on the base of Research paper

 Activity-2
• Using Any Programming Language, do the
Following:
– A message is displayed: “Please Hit any key on key
board.
– Then Press enter Key.
– And display the key you pressed previously and
– display the ASCII code of that text.
– A = 65
– B = 66
 Activity-3
• Using Any Programming Language, do the
Following:
– A message is displayed: “Please Hit any key on key
board:”
– Then Press enter Key.
– Display a message “Please Enter Password:”
– Then display the messaged: “Plaintext = “
– Display “cipher text = “,
– Note: use simple addition with ascii the key.
 Key Distribution
• For symmetric encryption to work, the two parties must share
the same key and that key must be protected from access by
others

• Alice’s options in establishing a shared secret key with Bob

include
– Alice selects a key and physically delivers it to Bob
– Trusted third party key distribution center (T3P or KDC) selects a key
and physically delivers it to Alice and Bob
– If Alice and Bob have previously and recently used a key, it can be used
to distribute a new key
– If Alice and Bob have keys with the KDC, KDC can deliver a key on
the encrypted links to Alice and Bob
 Key Distribution
• Manual delivery is a
reasonable requirement with
link encryption, challenging
with end-to-end encryption
– The number of keys
grows quadratically with
the number of endpoints
• T3P key(s) constitute a rich
target of opportunity
• Initial (master) key
distribution remains a
challenge
 Key Distribution
1. A key could be selected by A and physically
delivered to B.
2. A third party could select the key and physically
deliver it to A and B.
3. If A and B have previously used a key, one party
could transmit the new key to the other, encrypted
using the old key.
4. If A and B each have an encrypted connection to
a third party C, C could deliver a key on the
encrypted links to A and B.
 Key Distribution
• Session key:
– Data encrypted with a one-time session key.At
the conclusion of the session the key is
destroyed
• Permanent key:
– Used between entities for the purpose of
distributing session keys
 Use of a Key Hierarchy
• Use of a KDC is based
on the use of a hierarchy
of keys
– Session key : temporary
encryption key used
between two parties
– Master key : long-lasting
key that are used between
a KDC and a party for
the purpose of encrypting
the transmission of
session keys
 A Key Distribution Scenario
• Assume each user shares a unique master key with the KDC
• Alice desires a one-time session key to communicate with Bob
(1) Alice issues a request to the KDC for a session key to be used
with Bob. Alice’s request includes a nonce to prevent replay
attack
(2) KDC responds with a message encrypted under Alice’s key. The
message contains the session key, the nonce, and the session key
along with Alice’s identity encrypted under Bob’s key
(3) Alice forwards the data encrypted under Bob’s Key to Bob
(4-5) Alice and Bob mutually authenticate under the session key
• (4) Bob sends a nonce to Alice encrypted under the session
key
• (5) Alice applies a transformation to the nonce and sends the
result back to Bob
A Key Distribution Scenario
 Hierarchical Key Control
• Instead of a single KDC, a hierarchy of KDCs can be
established; local KDCs and a golbal KDC
 
 
• Local KDCs exchange keys through a global KDC
 
 
 
• Can be extended to three or more layers (hierarchy)
 
 
  • Hierarchical scheme
 

– Minimizes the effort involved in master key

distribution
– Limits the damage of a faulty or subverted KDC to
its local area only
 Session Key Lifetime
• Tradeoffs in the session key lifetime
• The more frequent session keys, the more secure,
but the less performance (the more network load
and delay)
• For connection-oriented protocols, one option is
to associate a session with a connection
• For long-lived connections, must periodically
rekey
• For connectionless protocols, rekey at intervals
A Transparent Key Control
Scheme
 Decentralized Key Distribution

1. A issues a request to B for a session key and

includes a nonce, N1
2. B responds with a message encrypted using the
shared master key. Response includes the session
key selected by B, an identifier of B, the value of
f(N1), and another nonce, N2
3. Using the new session key, A returns f(N2) to B
 Controlling Key Usage
• It is desirable to impose some control on the way in which
automatically distributed keys are used
– e.g. we may wish to define different types of session keys on the
basis of use, such as
• Data-encrypting key
• PIN-encrypting key
• File-encrypting key
• One technique is to associate a tag with each key
– Tag is a bit-vector representing the key’s usage or type
– e.g. the extra 8 bits in each 56-bit DES key can be used as a tag
– Limited flexibility and functionality due to the limited tag size
– Because the tag is not transmitted in clear form, it can be used only at
the point of decryption, limiting the ways in which key use can be
controlled
• A more flexible scheme is to use a control vector
 Control Vector Scheme
• Each session key has an associated control vector
• Control vector consists of a number of fields that specify
the uses and restrictions for that session key
• The length of control vector may vary
• Control vector is cryptographically coupled with the at
the time of key generation at the KDC CV:K :
control vector
master key
m
– Hash value = H = h(CV) Ks: session key
– Key input = Km  H
– Encrypted session key = EKm  H [Ks]
• When a session key is delivered to a user from the KDC,
it is accompanied by the control vector in clear form
 Control Vector Scheme
• The session key can be recovered only by using both
the master key and the control vector
– Ks = DKm  H[EKm  H [Ks]]

• Advantages (over the 8-bit tag)

– No restriction on length of control vector
(arbitrarily complex controls to be imposed on key
use)
– Control vector is available in clear form at all stage
of operation  Key control can be exercised in
multiple locations
Control Vector Scheme

© ©